X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/be0e33862fedbf02e52a9e126cac31dfb5775b43..e15a92a30213d87e10e000a240a7dcab66c208b4:/test/controllers/api/user_preferences_controller_test.rb diff --git a/test/controllers/api/user_preferences_controller_test.rb b/test/controllers/api/user_preferences_controller_test.rb index 99dad9597..816be9b6e 100644 --- a/test/controllers/api/user_preferences_controller_test.rb +++ b/test/controllers/api/user_preferences_controller_test.rb @@ -1,44 +1,48 @@ require "test_helper" module Api - class UserPreferencesControllerTest < ActionController::TestCase + class UserPreferencesControllerTest < ActionDispatch::IntegrationTest ## # test all routes which lead to this controller def test_routes assert_routing( { :path => "/api/0.6/user/preferences", :method => :get }, - { :controller => "api/user_preferences", :action => "read" } + { :controller => "api/user_preferences", :action => "index" } + ) + assert_routing( + { :path => "/api/0.6/user/preferences.json", :method => :get }, + { :controller => "api/user_preferences", :action => "index", :format => "json" } ) assert_routing( { :path => "/api/0.6/user/preferences", :method => :put }, - { :controller => "api/user_preferences", :action => "update" } + { :controller => "api/user_preferences", :action => "update_all" } ) assert_routing( { :path => "/api/0.6/user/preferences/key", :method => :get }, - { :controller => "api/user_preferences", :action => "read_one", :preference_key => "key" } + { :controller => "api/user_preferences", :action => "show", :preference_key => "key" } ) assert_routing( { :path => "/api/0.6/user/preferences/key", :method => :put }, - { :controller => "api/user_preferences", :action => "update_one", :preference_key => "key" } + { :controller => "api/user_preferences", :action => "update", :preference_key => "key" } ) assert_routing( { :path => "/api/0.6/user/preferences/key", :method => :delete }, - { :controller => "api/user_preferences", :action => "delete_one", :preference_key => "key" } + { :controller => "api/user_preferences", :action => "destroy", :preference_key => "key" } ) end ## - # test read action - def test_read + # test showing all preferences + def test_index # first try without auth - get :read + get user_preferences_path assert_response :unauthorized, "should be authenticated" # authenticate as a user with no preferences - basic_authorization create(:user).email, "test" + auth_header = bearer_authorization_header # try the read again - get :read + get user_preferences_path, :headers => auth_header assert_select "osm" do assert_select "preferences", :count => 1 do assert_select "preference", :count => 0 @@ -49,12 +53,12 @@ module Api user = create(:user) user_preference = create(:user_preference, :user => user) user_preference2 = create(:user_preference, :user => user) - basic_authorization user.email, "test" + auth_header = bearer_authorization_header(user) # try the read again - get :read + get user_preferences_path, :headers => auth_header assert_response :success - assert_equal "application/xml", @response.content_type + assert_equal "application/xml", @response.media_type assert_select "osm" do assert_select "preferences", :count => 1 do assert_select "preference", :count => 2 @@ -62,42 +66,52 @@ module Api assert_select "preference[k=\"#{user_preference2.k}\"][v=\"#{user_preference2.v}\"]", :count => 1 end end + + # Test json + get user_preferences_path(:format => "json"), :headers => auth_header + assert_response :success + assert_equal "application/json", @response.media_type + + js = ActiveSupport::JSON.decode(@response.body) + assert_not_nil js + assert_equal 2, js["preferences"].count + assert_equal user_preference.v, js["preferences"][user_preference.k] end ## - # test read_one action - def test_read_one + # test showing one preference + def test_show user = create(:user) create(:user_preference, :user => user, :k => "key", :v => "value") # try a read without auth - get :read_one, :params => { :preference_key => "key" } + get user_preference_path(:preference_key => "key") assert_response :unauthorized, "should be authenticated" # authenticate as a user with preferences - basic_authorization user.email, "test" + auth_header = bearer_authorization_header(user) # try the read again - get :read_one, :params => { :preference_key => "key" } + get user_preference_path(:preference_key => "key"), :headers => auth_header assert_response :success - assert_equal "text/plain", @response.content_type + assert_equal "text/plain", @response.media_type assert_equal "value", @response.body # try the read again for a non-existent key - get :read_one, :params => { :preference_key => "unknown_key" } + get user_preference_path(:preference_key => "unknown_key"), :headers => auth_header assert_response :not_found end ## - # test update action - def test_update + # test bulk update action + def test_update_all user = create(:user) create(:user_preference, :user => user, :k => "key", :v => "value") create(:user_preference, :user => user, :k => "some_key", :v => "some_value") # try a put without auth assert_no_difference "UserPreference.count" do - put :update, :body => "" + put user_preferences_path, :params => "" end assert_response :unauthorized, "should be authenticated" assert_equal "value", UserPreference.find([user.id, "key"]).v @@ -107,14 +121,14 @@ module Api end # authenticate as a user with preferences - basic_authorization user.email, "test" + auth_header = bearer_authorization_header(user) # try the put again assert_no_difference "UserPreference.count" do - put :update, :body => "" + put user_preferences_path, :params => "", :headers => auth_header end assert_response :success - assert_equal "text/plain", @response.content_type + assert_equal "text/plain", @response.media_type assert_equal "", @response.body assert_equal "new_value", UserPreference.find([user.id, "key"]).v assert_equal "value", UserPreference.find([user.id, "new_key"]).v @@ -124,29 +138,42 @@ module Api # try a put with duplicate keys assert_no_difference "UserPreference.count" do - put :update, :body => "" + put user_preferences_path, :params => "", :headers => auth_header end assert_response :bad_request - assert_equal "text/plain", @response.content_type + assert_equal "text/plain", @response.media_type assert_equal "Duplicate preferences with key key", @response.body assert_equal "new_value", UserPreference.find([user.id, "key"]).v # try a put with invalid content assert_no_difference "UserPreference.count" do - put :update, :body => "nonsense" + put user_preferences_path, :params => "nonsense", :headers => auth_header end assert_response :bad_request + + # try a put with unicode characters + assert_no_difference "UserPreference.count" do + put user_preferences_path, :params => "", :headers => auth_header + end + assert_response :success + assert_equal "text/plain", @response.media_type + assert_equal "", @response.body + assert_equal "néw_vâlué", UserPreference.find([user.id, "kêy"]).v + assert_equal "vâlué", UserPreference.find([user.id, "nêw_kêy"]).v + assert_raises ActiveRecord::RecordNotFound do + UserPreference.find([user.id, "some_key"]) + end end ## - # test update_one action - def test_update_one + # test update action + def test_update user = create(:user) create(:user_preference, :user => user) # try a put without auth assert_no_difference "UserPreference.count" do - put :update_one, :params => { :preference_key => "new_key" }, :body => "new_value" + put user_preference_path(:preference_key => "new_key"), :params => "new_value" end assert_response :unauthorized, "should be authenticated" assert_raises ActiveRecord::RecordNotFound do @@ -154,49 +181,58 @@ module Api end # authenticate as a user with preferences - basic_authorization user.email, "test" + auth_header = bearer_authorization_header(user) # try adding a new preference assert_difference "UserPreference.count", 1 do - put :update_one, :params => { :preference_key => "new_key" }, :body => "new_value" + put user_preference_path(:preference_key => "new_key"), :params => "new_value", :headers => auth_header end assert_response :success - assert_equal "text/plain", @response.content_type + assert_equal "text/plain", @response.media_type assert_equal "", @response.body assert_equal "new_value", UserPreference.find([user.id, "new_key"]).v # try changing the value of a preference assert_no_difference "UserPreference.count" do - put :update_one, :params => { :preference_key => "new_key" }, :body => "newer_value" + put user_preference_path(:preference_key => "new_key"), :params => "newer_value", :headers => auth_header end assert_response :success - assert_equal "text/plain", @response.content_type + assert_equal "text/plain", @response.media_type assert_equal "", @response.body assert_equal "newer_value", UserPreference.find([user.id, "new_key"]).v + + # try changing the value of a preference to include unicode characters + assert_difference "UserPreference.count", 1 do + put user_preference_path(:preference_key => "nêw_kêy"), :params => "néwèr_vâlué", :headers => auth_header + end + assert_response :success + assert_equal "text/plain", @response.media_type + assert_equal "", @response.body + assert_equal "néwèr_vâlué", UserPreference.find([user.id, "nêw_kêy"]).v end ## - # test delete_one action - def test_delete_one + # test destroy action + def test_destroy user = create(:user) create(:user_preference, :user => user, :k => "key", :v => "value") # try a delete without auth assert_no_difference "UserPreference.count" do - delete :delete_one, :params => { :preference_key => "key" } + delete user_preference_path(:preference_key => "key") end assert_response :unauthorized, "should be authenticated" assert_equal "value", UserPreference.find([user.id, "key"]).v # authenticate as a user with preferences - basic_authorization user.email, "test" + auth_header = bearer_authorization_header(user) # try the delete again assert_difference "UserPreference.count", -1 do - get :delete_one, :params => { :preference_key => "key" } + delete user_preference_path(:preference_key => "key"), :headers => auth_header end assert_response :success - assert_equal "text/plain", @response.content_type + assert_equal "text/plain", @response.media_type assert_equal "", @response.body assert_raises ActiveRecord::RecordNotFound do UserPreference.find([user.id, "key"]) @@ -204,7 +240,7 @@ module Api # try the delete again for the same key assert_no_difference "UserPreference.count" do - get :delete_one, :params => { :preference_key => "key" } + delete user_preference_path(:preference_key => "key"), :headers => auth_header end assert_response :not_found assert_raises ActiveRecord::RecordNotFound do @@ -214,32 +250,24 @@ module Api # Ensure that a valid access token with correct capabilities can be used to # read preferences - def test_read_one_using_token + def test_show_using_token user = create(:user) - token = create(:access_token, :user => user, :allow_read_prefs => true) + auth_header = bearer_authorization_header(user, :scopes => %w[read_prefs]) create(:user_preference, :user => user, :k => "key", :v => "value") - # Hack together an oauth request - an alternative would be to sign the request properly - @request.env["oauth.version"] = 1 - @request.env["oauth.strategies"] = [:token] - @request.env["oauth.token"] = token - - get :read_one, :params => { :preference_key => "key" } + get user_preference_path(:preference_key => "key"), :headers => auth_header assert_response :success end # Ensure that a valid access token with incorrect capabilities can't be used # to read preferences even, though the owner of that token could read them # by other methods. - def test_read_one_using_token_fail + def test_show_using_token_fail user = create(:user) - token = create(:access_token, :user => user, :allow_read_prefs => false) + auth_header = bearer_authorization_header(user, :scopes => %w[]) create(:user_preference, :user => user, :k => "key", :v => "value") - @request.env["oauth.version"] = 1 - @request.env["oauth.strategies"] = [:token] - @request.env["oauth.token"] = token - get :read_one, :params => { :preference_key => "key" } + get user_preference_path(:preference_key => "key"), :headers => auth_header assert_response :forbidden end end